#!/usr/bin/perl -w

#    Copyright (C) 2011 Matthias Förste
#    Copyright (C) 2010, 2011 Heiko Schlittermann
#    Copyright (C) 2010 Andre Süß
#
#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
#    Matthias Förste <foerste@schlittermann.de>

=encoding utf8
=cut

use v5.10;
use strict;
use warnings;

use Pod::Usage;
use Getopt::Long;
use File::Temp;
use IO::File;
use POSIX qw(strftime);
use if $ENV{DEBUG} => "Smart::Comments";
use DNStools::Config qw(get_config);
use DNStools::UpdateSerial;

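# Command line options; filled by GetOptions and handed to get_config below.
my %opt;

# Entry point: parse the options, load the configuration, collect the zones
# that need work, update their serials, sign the ones for which
# dnssec_enabled() is true, and finally run the file_entry, mk_zone_conf and
# server_reload steps.
MAIN: {

    GetOptions(
        "sign-alert-time=i" => \$opt{sign_alert_time},
        "key-counter-end=i" => \$opt{key_counter_end},
        "h|help"            => sub { pod2usage(-exit => 0, -verbose => 1) },
        "m|man"             => sub {
            pod2usage(
                -exit    => 0,
                -verbose => 2,

               # "system('perldoc -V &>/dev/null')" appears shorter, but may not
               # do what you expect ( it still returns 0 on debian squeeze with
               # dash as system shell even if cannot find the command in $PATH)
               #
               # The command is a fixed literal, so no user input reaches the
               # shell; a non-zero status (perldoc missing or failing) makes
               # pod2usage fall back to its built-in formatter.
                -noperldoc => system('perldoc -V >/dev/null 2>&1')
            );
        }
    ) or pod2usage;

    # merge the config and the defined options from commandline
    #
    # Candidate configuration files, in the order they are handed to
    # get_config.
    #
    # NOTE(review): two of these sources are controlled by the invoking
    # environment: the relative "dnstools.conf" (looked up in the current
    # working directory, assuming get_config opens the paths as given) and
    # $DNSTOOLS_CONF. The values loaded here supply master_dir, bind_dir and
    # zone_conf_dir used further down, so when this tool runs with elevated
    # privileges both the working directory and the environment must be
    # trusted.
    my @configs = ("dnstools.conf");

    # With HOME unset or empty the interpolation would silently produce
    # "/.dnstools.conf" in the filesystem root (plus an "uninitialized"
    # warning when unset), so the per-user file is only offered when HOME is
    # usable.
    push @configs, "$ENV{HOME}/.dnstools.conf"
      if defined $ENV{HOME} && length $ENV{HOME};
    push @configs, "/etc/dnstools.conf";
    unshift @configs, $ENV{DNSTOOLS_CONF} if defined $ENV{DNSTOOLS_CONF};

    # %config is not declared in this file; under "use strict" it has to be
    # provided by an imported module (presumably DNStools::UpdateSerial;
    # confirm).
    %config = get_config @configs, \%opt;

    # Zones named on the command line take the place of the changed-zone
    # scan; the index zone, expiring signatures and key rollovers are
    # considered in either case.
    my @candidates = @ARGV ? zones(@ARGV) : changed_zones;
    push @candidates, update_index($config{indexzone});
    push @candidates, signature_expired($config{sign_alert_time});

    my @need_rollover = need_rollover;
    my @done_rollover = done_rollover;

    push @candidates, begin_rollover(@need_rollover);
    push @candidates, end_rollover(@done_rollover);

    # uniq() keeps a zone that was collected for several reasons from being
    # processed more than once.
    foreach my $zone (uniq(@candidates)) {

        #        say "XXX: candidate $zone";
        update_serial($zone);
        sign($zone)
          if dnssec_enabled($zone,
                  "$config{master_dir}/$config{indexzone}/$config{indexzone}");

#        say "XXX: $zone should be signed" if dnssec_enabled($zone, "$config{master_dir}/$config{indexzone}/$config{indexzone}");
    }

    # Post-processing steps implemented outside this file; presumably they
    # refresh the generated zone configuration and make the name server pick
    # it up (confirm against DNStools::UpdateSerial).
    file_entry;
    mk_zone_conf($config{bind_dir}, $config{zone_conf_dir});
    server_reload;

}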

__END__

=pod

=head1 NAME
 
 update-serial - updates the serial numbers and re-signs the zone files

=head1 SYNOPSIS

 update-serial [options] [zone...]

=head1 DESCRIPTION

B<update-serial> scans the configured directories for modified zone files. For
each modified file it increments the serial number and, if appropriate, signs
the zone.

=head1 OPTIONS

=over

=item B<--sign-alert-time> I<days>

TODO

=item B<--key-counter-end> I<integer>

Maximum number of key usages.

=back

The common options B<-h>|B<--help>|B<-m>|B<--man> are supported.

=head1 AUTHORS

Matthias Förste L<<foerste@schlittermann.de>>, Heiko Schlittermann L<<hs@schlittermann.de>>, Andre Süss L<<andre.suess@pipkin.cc>>

=cut

# vim:sts=4 sw=4 aw ai sm:
